M$ has put many coats of paint on the old barn to secure that other OS, but the malware writers have discovered a way to alter the MBR data so that rebooting turns off some of the layers of protection. The result is rootkits on the beloved 64-bit “7”. Fortunately, our 64-bit machines run Debian GNU/Linux. You need physical access to the machine or root access to alter the MBR with GNU/Linux. That other OS provides the tools by default… The modifications to UAC after the Vista fiasco opened the door to this rootkit. Malware artists have been going through this door since August.
This discovery shows once again that more layers of security applied to that other OS are a temporary defence. The malware artists only need to find one crack in each layer to get in. It is far better to have a logically secure OS from the beginning. The fewer the vulnerabilities at the core of everything, the more difficult it is to penetrate from any layer of security. That other OS was designed from the beginning as a single-user system with no networking, so security has always had to depend on the layers and not the core. It will always be a step behind the malware artists because painting is a reactive process. The more complex the OS, the more difficult it is to paint perfectly. Better to have a core with fewer edges that can be attacked.
The world has paid $billions for licences to use that other OS since August and the result is nothing but pain. Its value is negative. Here, I have two PCs in classrooms running that other OS. As a precaution, I installed DansGuardian to filter our web access, and in the first week it found one instance of malware coming in, from a teacher’s PC running that other OS from a teacherage. It has been a pain in the neck, but that one save may have prevented serious problems. The malware was a Trojan running on Java.